# Prevent execution of PHP scripts in uploads directory
<FilesMatch "\.php$">
    Order Deny,Allow
    Deny from all
</FilesMatch>

# Only allow image files
<FilesMatch "\.(jpg|jpeg|png|webp|gif|svg)$">
    Order Allow,Deny
    Allow from all
</FilesMatch>

Options -Indexes
